> You'll understand that we are using 100% programmatic user management. Also,
> I think (in your last few paras) that you are close to answering your own
> question. If you've got multiple users and you cannot rely on a
> jndi.properties, then by exclusion you must rely on the users to supply
> their identity. We use a form to gather the username and password when we
> need them; client certs would also work.
Arved,
Thanks for your help so far. I am down to one last problem. We are using
Orion 1.4.0, and there appears to be some sort of bug in the InitialContext.
I am setting up the environment in my servlet:
    Properties env = new Properties();
    env.put( "java.naming.factory.initial",
             "com.evermind.server.ApplicationInitialContextFactory" );
    env.put( "java.naming.provider.url", "ormi://localhost/appname" );
    env.put( "java.naming.security.principal", "appuser" );
    env.put( "java.naming.security.credentials", "password" );
    InitialContext iCtx = new InitialContext( env );
No matter how I set up env, it does not work with respect to identity.
When I print out the InitialContext, it has all of my ejb-ref's bound
to it. HOWEVER, it does not have any "environment" established at all
(IOW, iCtx.getEnvironment() gives back an empty Hashtable). And when
I access my SB's, I am considered a 'guest' user. If I take permissions
off the SB's, I am able to access and use them. As soon as I put the
permissions back, I am rejected. It is ignoring my principal and
credentials completely!
Do you establish any identity via the InitialContext in your servlet?
Is this a known bug? I cannot find it anywhere in BugZilla, which has
a very poor searching interface.
tim.
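
A fail-closed check for the symptom described in this message, as an added example that is not part of the original thread and is not Orion code: it opens the context with caller-supplied credentials and refuses to continue unless `getEnvironment()` still carries the requested principal. `JndiIdentityCheck`, `openAs` and the `DroppingFactory` stand-in (constructed to mimic the reported empty environment) are hypothetical names, and treating a missing principal as "identity not established" is an assumption based on the behaviour reported above.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.spi.InitialContextFactory;

public class JndiIdentityCheck {

    /** Constructed stand-in: hands back a context that discards the caller's environment. */
    public static class DroppingFactory implements InitialContextFactory {
        public Context getInitialContext(Hashtable<?, ?> env) throws NamingException {
            return new InitialContext(true) { // lazy: no default initialisation
                @Override
                public Hashtable<?, ?> getEnvironment() {
                    return new Hashtable<Object, Object>();
                }
            };
        }
    }

    /** Opens a context for the given user and fails closed if the principal was dropped. */
    static Context openAs(String factory, String url, String user, char[] password)
            throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, factory);
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_PRINCIPAL, user);       // supplied by the user, not hardcoded
        env.put(Context.SECURITY_CREDENTIALS, password);
        Context ctx = new InitialContext(env);
        Object bound = ctx.getEnvironment().get(Context.SECURITY_PRINCIPAL);
        if (!user.equals(bound)) {
            ctx.close();
            // Never log the credentials; the principal name is enough to diagnose.
            throw new NamingException("context did not retain principal '" + user
                    + "'; calls would run as the container's default identity");
        }
        return ctx;
    }

    public static void main(String[] args) {
        try {
            openAs(DroppingFactory.class.getName(), "ormi://localhost/appname",
                   "appuser", "password".toCharArray());
            System.out.println("identity retained");
        } catch (NamingException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```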